Kan ikke åpne Oppgavebehandling

**ImSoLost** · #1 23 Dec 2007, 17:38

Alright, så jeg har lest rundt litt og det virker som det finnes ulike løsninger. Jeg kjører regelverk Windows Vista. Ctrl Alt Del fungerer ikke ... høyreklikk ikke fungerer. når jeg søker etter Taskmgr.exe den sier den er blitt deaktivert av administrator. Hva kan jeg gjøre?

**Hybr! D** · #2 23 Dec 2007, 17:41

Vista er annerledes enn XP.

Høyreklikk oppgavelinjen, og klikk deretter Oppgavebehandling.

**ImSoLost** · #3 23 desember 2007, 18:11

I høyre klikket oppgavelinjen og den er grå. Men jeg søkte rundt litt og fant et område med en direkte kobling til Reged og det ga meg advarslene og jeg forlot ut fordi jeg hadde ingen anelse om hva jeg gjorde. Etterpå ut av curiousity jeg cheked oppgavelinjen og det var ikke grå. Jeg startet maskinen min (for å sikre at det ikke var en midlertidig ting), og for noen merkelig grunn når skjermen for å logge ville komme opp ... det sa trykk Ctrl-Alt-Del for å logge inn Jeg forstår ikke hva som skjedde .

**ImSoLost** · #4 23 Dec 2007, 19:11

Her er min Hijackthis logg

C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.exe
C: \ Programfiler \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programfiler \ HP \ QuickPlay \ QPService.exe
C: \ Programfiler \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Programfiler \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Programfiler \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Programfiler \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Programfiler \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe
C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Program Files \ Windows Sidebar \ sidebar.exe
C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Skrivebord \ Veoh \ VeohClient.exe
C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Programfiler \ Fellesfiler \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Programfiler \ HP Connections \ 6811507 \ Programfiler \ HP Connections.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ progra ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Programfiler \ Internet Explorer \ ieuser.exe
C: \ Programfiler \ Internet Explorer \ iexplore.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ SearchFilterHost.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Tittel = Windows Internet Explorer levert av Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Innstillinger ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programfiler \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (fil mangler)
O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Skrivebord \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar1.dll
O3 - Toolbar: AIM-verktøylinjen - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programfiler \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Programfiler \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QlbCtrl.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Programfiler \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] rundll32.exe C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec pif AlertEng] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Programfiler \ AIM6 \ aim6.exe" / d locale = no ee: / / AOL / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Skrivebord \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programfiler \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [swg] C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Programfiler \ Fellesfiler \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Programfiler \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Programfiler \ HP Connections \ 6811507 \ Programfiler \ HP Connections.exe
O8 - Extra sammenheng menyelement: & AOL Toolbar Search - C: \ Program Files \ AOL \ Målet verktøylinje 5.0 \ ressurser \ no \ Local \ search.html
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra knappen: Send til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra "Verktøy" MENUITEM: S & end til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra knappen: AIM-verktøylinjen - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasse) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Klassifikasjon) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Programfiler \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatisk LiveUpdate Scheduler - Symantec Corporation - C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Cyberlink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Programfiler \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: Cyberlink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Programfiler \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Programfiler \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Programfiler \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Programfiler \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c: \ progra ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Programfiler \ Fellesfiler \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C: \ Programfiler \ Fellesfiler \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ drivers \ xaudio.exe

**howardhopkinson** · #5 31ste Dec 2007, 01:33

Systemet er riddled med malware.

Dra HER og følg instruksjonene nøyaktig.

Post den valgte loggfiler.

I `ll få en mod å flytte denne tråden tilbake til sikkerheten forum. Don `t vite hvorfor den ble flyttet fra det i første omgang.

Regards Howard.

**ImSoLost** · #6 5te 2008 jan 18:05

Før du setter opp noe jeg ønsker å være oppmerksom på at når jeg gikk for å kjøre Online scan det ikke ville la meg ... det sier noe om ikke å ha tillatelse.

Da jeg så i min Legg til / fjern hardware Dette er noe av det jeg fant litt mistenkelig, eller at jeg visste ingenting om.

MSXML 4.0 SP2
Min søkelinjen
muvee autoProducer 5.0
Smart Video Codec v1.6

SUPERAntiSpyware logg
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/05/2008 at 07:32
Application Version: 3.9.1008
Core Rules Database Version: 3374
Trace Rules Database Version: 1369
Scan type: Complete Scan
Total Scan Time: 01:23:02
Minne eks skannet: 712
Minne trusler oppdages: 1
Registerelementene skannet: 8254
Registerverdi trusler oppdages: 122
Fil eks skannet: 60434
Fil trusler oppdages: 12
Trojan.Net-MSV/VPS-Variant
C: \ WINDOWS \ BLOPENVXDT.DLL
C: \ WINDOWS \ BLOPENVXDT.DLL
HKLM \ Software \ Classes \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ ProgID
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ Programmable
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ TypeLib
HKCR \ CLSID \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) \ VersionIndependentProgID
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ EXP lorer \ Browser Helper Objects \ (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126)
Adware.MyWay
HKLM \ Software \ Classes \ CLSID \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ Programmable
HKCR \ CLSID \ (014DA6C1-189F-421A-88CD-07CFE51CFF10) \ TypeLib
C: \ Programfiler \ MYSEARCH \ BAR \ 1.BIN \ S4BAR.DLL
HKLM \ Software \ Classes \ CLSID \ (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10)
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ Programmable
HKCR \ CLSID \ (014DA6C9-189F-421A-88CD-07CFE51CFF10) \ TypeLib
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ EXP lorer \ Browser Helper Objects \ (014DA6C1-189F-421a-88CD-07CFE51CFF10)
HKLM \ Software \ Microsoft \ Internet Explorer \ Toolbar # (014DA6C9-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10)
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (014DA6C0-189F-421a-88CD-07CFE51CFF10) \ 1.0 \ HELPDIR
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser # (014DA6C9-189F-421A-88CD-07CFE51CFF10)
Unclassified.Unknown Origin
HKLM \ Software \ Classes \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ ProgID
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ Programmable
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ TypeLib
HKCR \ CLSID \ (E09962E7-A39E-4F60-8003-66D57BED27B7) \ VersionIndependentProgID
C: \ WINDOWS \ system32 \ FASTRX.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ EXP lorer \ Browser Helper Objects \ (E09962E7-A39E-4F60-8003-66D57BED27B7)
Adware.Tracking Cookie
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany@ar.atwola [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atwola [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ DoubleClick [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ adlegend [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ annonsering [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ 2o7 [1]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ atdmt [2]. Txt
C: \ Users \ Yasmany \ AppData \ Roaming \ Microsoft \ Windows \ Cookies \ yasmany @ mediaplex [1]. Txt
Adware.180solutions/Seekmo
HKCR \ Seekmo.DesktopFlash
HKCR \ Seekmo.DesktopFlash \ CLSID
HKCR \ Seekmo.DesktopFlash \ CurVer
HKCR \ Seekmo.DesktopFlash.1
HKCR \ Seekmo.DesktopFlash.1 \ CLSID
HKCR \ SeekmoAX.ClientDetector
HKCR \ SeekmoAX.ClientDetector \ CLSID
HKCR \ SeekmoAX.ClientDetector \ CurVer
HKCR \ SeekmoAX.ClientDetector.1
HKCR \ SeekmoAX.ClientDetector.1 \ CLSID
HKCR \ SeekmoAX.UserProfiles
HKCR \ SeekmoAX.UserProfiles \ CLSID
HKCR \ SeekmoAX.UserProfiles \ CurVer
HKCR \ SeekmoAX.UserProfiles.1
HKCR \ SeekmoAX.UserProfiles.1 \ CLSID
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C)
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Control
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ InprocServer32
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ MiscStatus
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ MiscStatus \ 1
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ ProgID
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Programmable
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ ToolboxBitmap32
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ TypeLib
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ Version
HKCR \ CLSID \ (1F158A1E-A687-4a11-9679-B3AC64B86A1C) \ VersionIndependentProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030)
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) # AppID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ LocalServer32
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ ProgID
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ Programmable
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ TypeLib
HKCR \ CLSID \ (914A8F99-38E4-47ec-B875-2B0653516030) \ VersionIndependentProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571)
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ ProgID
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ Programmable
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ TypeLib
HKCR \ CLSID \ (E313F5DC-CFE7-4568-84A4-C76653547571) \ VersionIndependentProgID
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12)
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12) \ 1.0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12) \ 1.0 \ 0
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (995E885E-3FF5-4F66-a107-8BFB3A0F8F12) \ 1.0 \ HELPDIR
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979)
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ 0
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (FBB40FDF-B715-4342-AB82-244ECC66E979) \ 1.0 \ HELPDIR
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335)
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ ProxyStubClsid32
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib
HKCR \ Interface \ (BD5258AF-20AE-4BD3-B748-B2851ACA7335) \ TypeLib # Version
HKCR \ AppID \ SeekmoSA_df.exe
HKCR \ AppID \ SeekmoSA_df.exe # AppID
HKCR \ AppID \ (4A40E8FC-C7E4-4F57-9FA4-85DD77402897)
HKU \ S-1-5-21-3682377349-2593316749-328379415-1000 \ Software \ seekmosa
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayIcon
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # UninstallString
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # DisplayVersion
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # HelpLink
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # Publisher
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ SeekmoSA # URLInfoAbout
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run # SeekmoOE [C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe]
C: \ Users \ Yasmany \ AppData \ Roaming \ Seekmo
Trojan.DNSChanger-kodek
HKCR \ VAC.Video
HKCR \ VAC.Video \ CLSID
Trojan.Net-MSV/VPS
HKCR \ MSVPS.MSVPSApp
HKCR \ MSVPS.MSVPSApp \ CLSID
HKCR \ MSVPS.MSVPSApp \ CurVer
Trojan.Net-MU/Gen
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uni nstall \ WebVideo # UninstallString

Hijackthis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 8:13:58 PM, on 12/23/2007
Plattform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Kjører prosesser:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.exe
C: \ Programfiler \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programfiler \ HP \ QuickPlay \ QPService.exe
C: \ Programfiler \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Programfiler \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Programfiler \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Programfiler \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Programfiler \ Java \ jre1.6.0 \ bin \ jusched.exe
C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe
C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe
C: \ Program Files \ Windows Sidebar \ sidebar.exe
C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Users \ Yasmany \ Skrivebord \ Veoh \ VeohClient.exe
C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
C: \ Programfiler \ Fellesfiler \ Adobe \ Updater5 \ AdobeUpdater.exe
C: \ Programfiler \ HP Connections \ 6811507 \ Programfiler \ HP Connections.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ progra ~ 1 \ HEWLET ~ 1 \ Shared \ HPQTOA ~ 1.EXE
C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ SSDK04.exe
C: \ Programfiler \ Internet Explorer \ ieuser.exe
C: \ Programfiler \ Internet Explorer \ iexplore.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ SearchFilterHost.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Macromed \ Flash \ FlashUtil9b.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comcast.net/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Tittel = Windows Internet Explorer levert av Comcast
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Innstillinger ProxyServer =: 0
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - (EA756889-2338-43DB-8F07-D1CA6FB9C90D) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O1 - Hosts::: 1 localhost
O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programfiler \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar Launcher - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar1.dll
O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (fil mangler)
O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Users \ Yasmany \ Skrivebord \ Veoh \ Plugins \ reg \ VeohTool bar.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar1.dll
O3 - Toolbar: AIM-verktøylinjen - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programfiler \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [QPService] "C: \ Programfiler \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles% \ Hewlett-Packard \ HP Quick Launch Buttons \ QlbCtrl.exe / Start
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] C: \ Programfiler \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant]% ProgramFiles% \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre1.6.0 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp
O4 - HKLM \ .. \ Run: [NvSvc] rundll32.exe C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec pif AlertEng] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [ddoctorv2] "C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtcmd.exe" / P ddoctorv2
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [HPAdvisor] C: \ Programfiler \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Programfiler \ AIM6 \ aim6.exe" / d locale = no ee: / / AOL / imApp
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [Veoh] "C: \ Users \ Yasmany \ Skrivebord \ Veoh \ VeohClient.exe" / VeohHide
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programfiler \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [swg] C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.2.1128.5462 \ G oogleToolbarNotifier.exe
O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Programfiler \ Fellesfiler \ Adobe \ Updater5 \ AdobeUpdater.exe
O4 - HKCU \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C: \ Program Files \ LimeWire \ LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Programfiler \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: HP Connections.lnk = C: \ Programfiler \ HP Connections \ 6811507 \ Programfiler \ HP Connections.exe
O8 - Extra sammenheng menyelement: & AOL Toolbar Search - C: \ Program Files \ AOL \ Målet verktøylinje 5.0 \ ressurser \ no \ Local \ search.html
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0 \ bin \ ssv.dll
O9 - Extra knappen: Send til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra "Verktøy" MENUITEM: S & end til OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra knappen: AIM-verktøylinjen - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Program Files \ AOL \ AIM Verktøylinje 5.0 \ aoltb.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasse) -- http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasse) -- http://messenger.zone.msn.com/binary...t.cab57213.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Klassifikasjon) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (DA758BB1-5F89-4465-975F-8D7179A4BCF3) (WheelofFortune Object) -- http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll
O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, LP - C: \ Programfiler \ Hewlett-Packard \ HP Quick Launch Buttons \ AddFiltr.exe
O23 - Service: Automatisk LiveUpdate Scheduler - Symantec Corporation - C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Cyberlink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Programfiler \ HP \ QuickPlay \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: Cyberlink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Programfiler \ HP \ QuickPlay \ Kernel \ TV \ CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Programfiler \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Programfiler \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Roxio \ Roxio MyDVD Basic v9 \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ Programfiler \ Norton AntiVirus \ isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c: \ progra ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Programfiler \ Fellesfiler \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C: \ Programfiler \ Comcast \ Desktop Doctor \ bin \ sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C: \ Programfiler \ Fellesfiler \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C: \ Windows \ system32 \ drivers \ xaudio.exe
--
End of file - 13628 bytes

**howardhopkinson** · #7 5te 2008 jan 19:34

Du ønsker kanskje å kopiere og lime inn disse instruksjonene i en notepad-fil. Deretter kan du ha filen åpnes i sikker modus, så du kan følge instruksjonene enklere.

Boot i sikker modus, under den vanlige brukernavn (ikke administratorkonto). Se hvordan HER.

I Windows Utforsker, slå på "Vis alle filer og mapper, inkludert skjulte og system". Se hvordan HER.

Gå til Legg til / fjern programmer i kontrollpanelet og avinstallere noe å gjøre med (Hvis det).

MySearch
bar
Seekmo
Viewpoint

Lukk kontrollpanelet.

Klikk på Start / Kjør og skriv inn services.msc i kjør-boksen, og trykk på Enter-tasten.

Når vindu, maksimere den. Dobbeltklikk på følgende tjenester (Hvis det) Og stoppe hvis de kjører. Angi oppstartstype til deaktivert. Klikk Bruk / OK for hver tjeneste du deaktivere.

Viewpoint Manager Service

Lukk tjenester vinduet.

Åpne Oppgavebehandling, ved å holde nede Ctrl og Alt-tastene og trykke på slettetasten.

Klikk på kategorien Prosesser og avslutte prosessen for (Hvis det).

ViewpointService.exe
launcher.exe
SeekmoSA.exe
OEAddOn.exe

Lukk Oppgavebehandling.

Kjør HJT med ingen andre programmer åpne (unntatt notisblokk). Klikk scan knappen. Har HJT fikse følgende, ved å plassere en hake i den lille boksen ved siden av (Hvis det).

O2 - BHO: My Search BHO - (014DA6C1-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL

O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)

O2 - BHO: BDEX System - (A8565FBC-8D53-4D4F-9BB0-CBC68A22B126) - C: \ Windows \ blopenvxdt.dll

O2 - BHO: FastRX - (E09962E7-A39E-4F60-8003-66D57BED27B7) - C: \ Windows \ system32 \ fastRX.dll (fil mangler)

O3 - Toolbar: My Search Bar - (014DA6C9-189F-421a-88CD-07CFE51CFF10) - C: \ Programfiler \ MySearch \ bar \ 1.bin \ S4BAR.DLL

O3 - Toolbar: The retnsrp - (CC304A4D-FC79-4CD3-9A67-46E3AF59319D) - C: \ Windows \ retnsrp.dll

O4 - HKLM \ .. \ Run: [kpx] C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ system32 \ fastRX.dll DllInitApp

O4 - HKLM \ .. \ Run: [SeekmoOE] C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ OEAddOn.exe

O4 - HKLM \ .. \ Run: [SeekmoSA] "C: \ Programfiler \ Seekmo \ bin \ 10.0.341.0 \ SeekmoSA.exe"

O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe

O21 - SSODL: leorop - (38CA8AE4-A78E-4111-8D0E-BDDF145A5040) - C: \ Windows \ leorop.dll

O21 - SSODL: nopzet - (9543D4D7-3E5B-4B70-BB93-83AC9865627C) - C: \ Windows \ nopzet.dll

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe

Klikk på feilrettingsfilen kontrollert knappen.

Lukk HJT.

Finn og slett følgende fet filer og / eller mapper (Hvis det).

C: \ Program Files \Viewpoint<Slett hele mappen.
C: \ Windows \nopzet.dll
C: \ Windows \leorop.dll

% WINDIR% \ SMINST \launcher.exe
C: \ Program Files \Seekmo<Slett hele mappen.
C: \ Windows \ system32 \fastRX.dll

C: \ Windows \retnsrp.dll
C: \ Program Files \MySearch<Slett hele mappen.
C: \ Windows \blopenvxdt.dll

Reboot i normal modus og rehide at beskyttede OS filer.

Laste ned combofix.exe på skrivebordet. Dobbeltklikk combofix.exe og følg instruksjonene. Et vindu åpnes med en advarsel. Type "1" (og Enter) for å begynne reparasjonen. Når skanningen er fullført vil det åpne en tekstvinduet. Legg ved at logge deg her sammen med en frisk HJT logg. Forsiktig - ikke ta på mus / tastatur til skanningen er fullført. Skanningen vil midlertidig deaktivere skrivebordet ditt, og hvis avbrutt kan forlate skrivebordet deaktivert. Hvis dette skjer, kan du starte på nytt for å gjenopprette skrivebordet.

Combofix automatisk lagre loggfilen til C: \ combofix.txt

Poste Combofix log samt en frisk HJT logg.

Regards Howard.

**ImSoLost** · #8 5te 2008 jan 19:45

Man har jeg dårlig timing. Jeg fant ut hvordan du kjører online scan. Jeg kjører det akkurat nå som vi snakker. Ønsker du fremdeles meg til å gjøre som du sa.

**howardhopkinson** · #9 5te 2008 jan 19:47

Glem online scan for nå, bare følg instruksjonene Jeg har gitt deg.

Regards Howard.

**ImSoLost** · #10 5te 2008 jan 21:01

Når jeg prøver å kjøre Combofix jeg få den blå vinduet, men så står det forbereder å kjøre, og deretter ut av minne eller brudd og jeg får en pop-up som sier "Freeware gjennomføring av REG.EXE har sluttet å jobbe og det tvinger meg til å lukke ned programmet. Vil du ha meg til å legge inn HJT log?

Jeg beklager dette problemer.

Vent litt, jeg vet ikke hvordan, men nå er det jobbet jeg til å kjøre den.

Lignende Tråder
Tråd	Tråd startet	Forum	Svar	Siste innlegg
Hjelp Får ikke tilgang til Mine Task Manager	Raph78	Windows-operativsystemer	5	23 juli 2009 02:45
Task Manager ikke avslutte programmer	tbarber	Windows-operativsystemer	0	17 juni 2009 17:52
Task Manager Prosesser ..	IsoldeAislinn	Windows-operativsystemer	9	25. sep 2008 19:26
Sjekk min oppgave manager ut for meg plz:)	pete21	General Software Chat	5	9 juli 2008 06:05
AnVir Task Manager	evilfantasy	General Software Chat	0	28 mars 2008 14:40